fschl
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update some notes

This commit is contained in:
Frieder Schlesier 2018-06-18 21:41:56 +02:00
parent 5a12df19e4
commit 09ce9ffa84
1 changed files with 29 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
README.md
View File

@ -1,14 +1,21 @@
# fschl dotfiles
some stuff that makes my linux life more portable and comfortable.
for debian, or debian-based distros. using i3wm.org on the desktop.
also uses containers.
Things that make my linux life more comfortable, portable and secure.
For debian, or debian-based distros. using i3wm.org on the desktop.
And containers everywhere :)
strongly inspired by awesome work of https://github.com/jessfraz
inspired by https://github.com/jessfraz
## Notes
## Questions this repos tries to answer
- How long does it take for you to set up a machine?
- Do you have backups?
- Are you using a password manager?
- How do you transport your secrets?
- Can you get things done without *your* computer?
- Rescue+Recover friends laptops/computers
- panic-ops using a friends laptop
First Rule of Data: Always have Backups!
### Security
@ -54,14 +61,13 @@ $ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_host_$(date +%Y-%m-%d) -C "Key to H
`~/.gnupg/gpg.conf`:
```
# from https://wiki.mozilla.org/Security/Key_Management
personal-digest-preferences SHA512 SHA384
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed
keyid-format 0xlong
```
#### Managing logins/passphrases
#### Managing logins & passphrases
- use keepass2
@ -71,6 +77,21 @@ keyid-format 0xlong
- on each, create 2 partitions (ext4, you will never use them on any windows device anyway)
- https://wiki.archlinux.org/index.php/Dm-crypt/Device_Encryption
Nowadays it's mere chance to find a USB Thumb Drive with less than 4GB storage.
Though, you want a dedicated Drive to transport your password database, ssh keys and GPG keys.
Those dont require more than a couple MB. So what to do with the remaining space?
Scenarios:
- You visit friends, only have your keys with you and you have to check your mails, assist a colleague
in some network/ops emergency or just securely look up some important information.
- A family member calls, their HDD just died and you are asked to quickly help out on recovery.
Boot into a safe environment, having all your credentials available in a secure manner.
Have a bootable forensics toolbox around to quickly get going in a familiar setup.
Solution: multi-boot!
## TODO
- [ ] explain setup, ideas, practises